Пример #1
0
 public function testRefreshFail()
 {
     $this->authAdapter->setIdentity('demo')->setCredential(md5('demo'));
     $authResponse = $this->auth->authenticate();
     $this->assertTrue($authResponse->isValid(), $authResponse->getMessages());
     $this->assertTrue($this->auth->hasIdentity());
     $this->authAdapter->setSessionId('inValid');
     $this->assertInstanceOf('Zend_Auth_Result', $authResponse = $this->auth->refresh());
     $this->assertFalse($authResponse->isValid(), $authResponse->getMessages());
 }
Пример #2
0
    /**
     * authenticate() - defined by Zend_Auth_Adapter_Interface.  This method is called to
     * attempt an authentication.  Previous to this call, this adapter would have already
     * been configured with all necessary information to successfully connect to a database
     * table and attempt to find a record matching the provided identity.
     *
     * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
     * @return Zend_Auth_Result
     */
    public function authenticate()
    {
        $result = parent::authenticate();

        $select = $this->_zendDb->select();
        $select->from($this->_tableName);
        $select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
        $user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);

        if ($result->isValid()) {
            // Check if user role is active
            $sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
            if ($this->_zendDb->fetchOne($sql, array($user->roleID)) == false) {
                return new Zend_Auth_Result(
                    Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
                    $this->_identity, array()
                );
            }
            $this->updateExpiry();
            $this->updateSessionId();
        } else {
            // If more then 4 previous failed logins lock account for n * failedlogins seconds
            if ($user->failedlogins >= 4) {
                $lockedUntil = new Zend_Date();
                $lockedUntil->addSecond($this->lockSeconds * $user->failedlogins);
                $this->setLockedUntil($lockedUntil);
            }
            // Increase number of failed logins
            $this->setFailedLogins($user->failedlogins + 1);
            if(isset($lockedUntil)) {
                return new Zend_Auth_Result(
                    -4,
                    $this->_identity,
                    array('lockedUntil' => $lockedUntil)
                );
            }
        }
        return $result;
    }